ServiceNow.com Service Management and BWise Accomplished!
As we are working our way into more and more IT GRC related territories, the logical next step would be to integrate our GRC solution with ITIL (Information Technology Infrastructure Library) Service Management processes. Currently, BWise itself is making use of TopDesk but a more commonly found ITIL Service Management Solution would be ServiceNow.com. Integration through their web services would allow BWise GRC to be able to perform reporting on top of Change Requests, Incidents, and many more of the great features offered through that Cloud Based platform.
It becomes really exciting if you look at it from a GRC perspective! As some of you might already know, we have quite a strong offering in the IT Governance Risk and Compliance area and much of the information required for IT Compliance can be retrieved from external sources such as ServiceNow.com. Consider the link between approval of Change Requests and the actual SAP change log to determine if all changes are actually going through the RFC process for formal approval. Or check if the application of Patches required because of Vulnerabilities found through our Qualys Integration have been performed on-time and through the correct channels for determining impact. Both examples can be related to ISO27001 Compliance for Security Management or COBIT for appropriate change controls over your critical information systems.
There are also ways to, through our Continuous Monitoring Solution, perform frequent KPI Analysis by analyzing the timely resolution of Critical incidents for those applications that are marked as financially significant in the BWise Platform, to show to your external auditor that these are covered by adequate Service Management procedure to prevent material misstatements for Internal Control Over Financial reporting Compliance such as SOX.
These are just two examples of what we are able to accomplish. We would be really interested to hear more possibilities from you!